Nssm224 Privilege Escalation - Updated

This public link is valid for 7 days and shares a thread, including any personal information you added. This link or copies made by others cannot be deleted. If you share with third parties, their policies apply. Can’t copy the link right now. Try again later.

The official description states:

is a beloved tool in the Windows administration world for its simplicity in turning any executable into a background service. However, recent disclosures have highlighted how improper deployment of can become a high-speed lane for Local Privilege Escalation (LPE) nssm224 privilege escalation updated

If the low-privileged user has permissions to restart the service, they execute: sc stop BackupApp sc start BackupApp Use code with caution. This public link is valid for 7 days

An attacker initial drops into a low-privilege shell and enumerates services looking for weak configurations. Can’t copy the link right now